[Asterisk-Users] running * on a VPN gateway
Ian Blenke
icblenke at nks.net
Wed Sep 10 12:23:08 MST 2003
Lee Goodman wrote:
> Could the bindaddr=x.x.x.x be a way to make * work through a NAT?
>
> I have * and a few 7960 phones behind a NAT. I am trying to register with a
> proxy on the outside of the NAT. Registration is ok, but the VIA field has
> my inside NAT ip address (192. 168.0.7). So the proxy doesn't know how to
> send a call to *. Would adding my outside NAT ip address to the bindaddr
> statement cause the * to put the outside address in the VIA field???
Use "fromdomain=" in your sip.conf entry for your external proxy to
override this.
>>If like me you run * on a VPN (or multihomed) gateway and want to serve
>>remote SIP clients, make sure you have
>>
>>bindaddr = 192.168.0.1 ; or whatever is your box's private IP
>>
>>otherwise * might bind to its public IP and send it as return address in
>>the SIP call setup, which will (should) be rejected by your firewall.
>>
>>To * experts: might this setting interfer with NATed SIP clients?
There appear to be real issues with multi-homed Asterisk installs in
more than simple call appearances in the SIP messages.
At one point in testing with a recent CVS build (while bound to
0.0.0.0), I was getting SIP messages from the public IP interface and
RTP streams *from* the private IP interface, resulting in one-way audio
(the called party could hear me, I could not hear them). Very confusing,
to say the least.
--
- Ian C. Blenke <icblenke at nks.net>
(This message bound by the following:
http://www.nks.net/email_disclaimer.html)
More information about the asterisk-users
mailing list